prosody
a65b56348034
util/sasl/scram.lua
Software / code / prosody
Comparison
util/sasl/scram.lua @ 5839:a65b56348034
util.sasl.scram: Checking the GS2 header for valid start flag.
| author | Tobias Markmann <tm@ayena.de> |
|---|---|
| date | Sun, 06 Feb 2011 13:20:17 +0100 |
| parent | 5837:574e91531994 |
| child | 5840:4b484e8feafc |
comparison
equal
deleted
inserted
replaced
| 5838:a2659baf8332 | 5839:a65b56348034 |
|---|---|
| 129 -- TODO: fail if authzid is provided, since we don't support them yet | 129 -- TODO: fail if authzid is provided, since we don't support them yet |
| 130 self.state["client_first_message"] = client_first_message; | 130 self.state["client_first_message"] = client_first_message; |
| 131 self.state["gs2_cbind_flag"], self.state["gs2_cbind_name"], self.state["authzid"], self.state["name"], self.state["clientnonce"] | 131 self.state["gs2_cbind_flag"], self.state["gs2_cbind_name"], self.state["authzid"], self.state["name"], self.state["clientnonce"] |
| 132 = client_first_message:match("^(%a)=?([%a%-]*),(.*),n=(.*),r=([^,]*).*"); | 132 = client_first_message:match("^(%a)=?([%a%-]*),(.*),n=(.*),r=([^,]*).*"); |
| 133 | 133 |
| 134 -- check for invalid gs2_flag_type start | |
| 135 local gs2_flag_type == string.sub(self.state.gs2_cbind_flag, 0, 1) | |
| 136 if gs2_flag_type ~= "y" and gs2_flag_type ~= "n" and gs2_flag_type ~= "p" then | |
| 137 return "failure", "malformed-request", "The GS2 header has to start with 'y', 'n', or 'p'." | |
| 138 end | |
| 139 | |
| 134 if support_channel_binding then | 140 if support_channel_binding then |
| 135 if string.sub(self.state.gs2_cbind_flag, 0, 1) == "y" then | 141 if string.sub(self.state.gs2_cbind_flag, 0, 1) == "y" then |
| 136 return "failure", "malformed-request"; | 142 return "failure", "malformed-request"; |
| 137 end | 143 end |
| 138 | 144 |
| 139 -- check whether we support the proposed channel binding type | 145 -- check whether we support the proposed channel binding type |
| 140 if not self.profile.cb[self.state.gs2_cbind_name] then | 146 if not self.profile.cb[self.state.gs2_cbind_name] then |
| 141 return "failure", "malformed-request", "Proposed channel binding type isn't supported."; | 147 return "failure", "malformed-request", "Proposed channel binding type isn't supported."; |
| 142 end | 148 end |
| 143 else | 149 else |
| 150 -- we don't support channelbinding, | |
| 144 if self.state.gs2_cbind_flag ~= "n" and self.state.gs2_cbind_flag ~= "y" then | 151 if self.state.gs2_cbind_flag ~= "n" and self.state.gs2_cbind_flag ~= "y" then |
| 145 return "failure", "malformed-request"; | 152 return "failure", "malformed-request"; |
| 146 end | 153 end |
| 147 end | 154 end |
| 148 | 155 |
